Page 21 of 52

Configuring a Power DNS superslave server

January 30, 2011 / halfgaar

Power DNS, as opposed to Bind, has the option to be a superslave. This means that it will initiate any zone transfer from trusted hosts, avoiding the need to configure each zone on both master and slave.

Power DNS has separate back-ends, of which you must choose one. I chose mysql, and I use the generic mysql engine (this is different, and better, than normal MySQL, or something like that…).

First install Power DNS:

aptitute -P install pdns-server pdns-backend-mysql

Then create a database and user:

create database pdns character set utf8;
grant all on pdns.* to 'pdns'@'localhost' identified by 'password';

Then create this schema (found it in the Power DNS docs):

create table domains (
 id    INT auto_increment,
 name    VARCHAR(255) NOT NULL,
 master    VARCHAR(128) DEFAULT NULL,                                                                                                                    
 last_check  INT DEFAULT NULL,                                                                                                                           
 type    VARCHAR(6) NOT NULL,                                                                                                                            
 notified_serial INT DEFAULT NULL,                                                                                                                       
 account         VARCHAR(40) DEFAULT NULL,                                                                                                               
 primary key (id)                                                                                                                                        
)type=InnoDB;                                                                                                                                            
                                                                                                                                                         
CREATE UNIQUE INDEX name_index ON domains(name);                                                                                                         
                                                                                                                                                         
CREATE TABLE records (                                                                                                                                   
  id              INT auto_increment,                                                                                                                    
  domain_id       INT DEFAULT NULL,
  name            VARCHAR(255) DEFAULT NULL,
  type            VARCHAR(6) DEFAULT NULL,
  content         VARCHAR(255) DEFAULT NULL,
  ttl             INT DEFAULT NULL,
  prio            INT DEFAULT NULL,
  change_date     INT DEFAULT NULL,
  primary key(id),
  CONSTRAINT `records_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE
)type=InnoDB;
 
CREATE INDEX rec_name_index ON records(name);
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
 
create table supermasters (
  ip VARCHAR(25) NOT NULL, 
  nameserver VARCHAR(255) NOT NULL, 
  account VARCHAR(40) DEFAULT NULL
);
 
GRANT SELECT ON supermasters TO pdns;
GRANT ALL ON domains TO pdns;
GRANT ALL ON records TO pdns;

Then create /etc/powerdns/pdns.d/pdns-mysql-backend with this in it:

launch=gmysql
gmysql-host=127.0.0.1
gmysql-user=pdns
gmysql-password=password
gmysql-dbname=pdns

Then insert a supermaster:

insert into supermasters values ('1.2.3.4','ns1.example.com','identifiername');

Lastly, don’t forget to enable slave mode in /etc/powerdns/pdns.conf:

slave=yes

Remove appending slash from a path using Sed

January 29, 2011 / Rowan Rodrik

Here’s how you can remove the appending slash from a path using sed, the stream editor:

/just/a/path/ | sed -e 's#/$##'
# Output: /just/a/path
 
# And, if there isn't an appending slash, nothing happens:
 /just/another/path | sed -e 's#/$##'
# Output: /just/another/path

It works quite simple. Sed executes expression (-e) on its standard input. The expression is a substitution using regular expressions. The #-sign is the delimiter. The part (#/) between the first two hash signs is the matching expression and the (empty) part between the second and the third hash sign is the replacement expression. This expression (“s#/$##”) basically says: replace all occurrences of “/” at the end of the line (the dollar sign is the end-of-line anchor) with nothing.

To use this in a script is easy-peasy. Suppose $1 is a system path that may or may not include an appending slash:

#!/bin/bash
 
sanitized_path= "$1" | sed -e 's#/$##'`
 $sanitized_path

This script outputs its first parameter with the appending slash removed.

Roos Roos Loon installation and configuration weirdness

January 25, 2011 / halfgaar

Because Roos Roos Loon has always been an application that stored its data files in the program files directory, special measures had to be taken to make sure the data files are backed up. I wanted them on a network drive. To that end, I always installed the entire program on a network drive.

But I just found out that Loon 2010 had put its data files somewhere in Documents and Settings, even though the program was stored on the network. I guess this was the first version that separated the data and program paths. However, it did so without telling me. The reason it didn’t tell me, might be because of a bug I found in 2011.

For 2010 I just changed a regkey in “currentuser\software\vb and vba\Roos Roos” or something. 2011 I was installing on another machine and I decided to reinstall it to have it nicely from scratch.

And that’s were it started to be weird. Where it asked me where to put the data files the first time I had installed it, it didn’t this time, even when I removed the aforementioned regkey on this computer. It didn’t even want to start after the reinstall anymore, until I pointed it to the 2011 data files I had deleted when removing the program. I would think it would recreate them, as they were empty anyway, but it didn’t.

I think Loon 2011 not asking for the datapath and Loon 2010 not doing it either, may be related. Perhaps if there already is Roos Roos stuff on the machine, it skips that question (being a bug).

Therefore, I suspect that when 2012 is released, it may put its datafiles in the datapath for 2011. I have to watch that.

Ubuntu and SiS 671 VGA chipset driver

January 18, 2011 / Rowan Rodrik

The video on my mom’s laptop, A Fujitsu Siemens Esprimo Mobile V5535, had recently gone awry. At the time, the laptop was running Ubuntu 9.04 (I think). Reconfiguring the driver didn’t do much good, so I upgraded the machine to 10.04, hoping that that would fix it. It didn’t.

lspci|grep -i vga
01:00.0 VGA compatible controller: Silicon Integrated Systems [SiS] 771/671 PCIE VGA Display Adapter (rev 10)

I solved the problem by manually installing a replacement driver that I found through a blog post that I found through another blog post that I found through a forum post.

Or something like that. Who cares? The point is that I’m uploading the files I found here so that I don’t have to jump through MegaUpload hoops again (and sit through MedaAnnoying ads):

Installing the binary driver wasn’t too difficult. (I just always cringe when something happens outside of package management.) 🙁

mkdir sis; sis
wget http://blog.bigsmoke.us/uploads/2011/01/xorg-driver-sis671-0.9.1-fixed-build.zip
unzip *zip
sudo cp sis671_drv.* /usr/lib/xorg/modules/drivers
 
#Edit /etc/X11/xorg.conf and set `Driver   "sis671"` on the "Device" Section
[ -z $EDITOR ] && EDITOR=/usr/bin/vim
$EDITOR /etc/x11/xorg.conf

Restarting the X server after that was a bit difficult, since the upgrade to 10.04 also fucked up the console (that damn framebuffer) and because Ctrl-Alt-Backspace is disabled by default. I had to reboot. (Ok, I hate to admit: it’s not that it’s difficult, it’s just wrong.)

Anyway, after the system restart, it worked just fine again. The X log agrees:

(II) SIS: driver for SiS chipsets: SIS5597/5598, SIS530/620,
        SIS6326/AGP/DVD, SIS300/305, SIS630/730, SIS540, SIS315, SIS315H,
        SIS315PRO/E, SIS550, SIS650/M650/651/740, SIS330(Xabre),
        SIS[M]661[F|M]X/[M]741[GX]/[M]760[GX]/[M]761[GX]/662, SIS340,
        [M]670/[M]770[GX], [M]671/[M]771[GX]
(II) SIS: driver for XGI chipsets: Volari Z7 (XG20),
        Volari V3XT/V5/V8/Duo (XG40/XG42)
(II) Primary Device is: PCI 01@00:00:0
(WW) Falling back to old probe method for sis671
(--) Assigning device section with no busID to primary device
(--) Chipset [M]671/[M]771[GX] found
(II) SIS(0): SiS driver (2006/10/17-1, compiled for X.org 1.7.4.0)
(II) SIS(0): Copyright (C) 2001-2005 Thomas Winischhofer  and others
(II) SIS(0): *** See http://www.winischhofer.at/linuxsisvga.shtml
(II) SIS(0): *** for documentation, updates and a Premium Version.
(II) SIS(0): RandR rotation support not available in this version.
(II) SIS(0): Dynamic modelist support not available in this version.
(II) SIS(0): Screen growing support not available in this version.
(II) SIS(0): Advanced Xv video blitter not available in this version.
(II) SIS(0): Advanced MergedFB support not available in this version.
(--) SIS(0): sisfb not found
(--) SIS(0): Relocated I/O registers at 0x9000

Then, to also fix the console:

grep vga16fb /etc/modprobe.d/* || sudo sh -c "echo blacklist vga16fb >> /etc/modprobe.d/blacklist-framebuffer.conf"
 
sudo update-initramfs -u
 
sudo reboot
 
# pray

I had two other issues that popped up after the upgrade the 10.04. I was inclined to blame the first on the new video driver, but I solved it by disabling “Hardware Acceleration” in the Flash plugin preferences. [source]

Another problem that confused my mother was that the volume control icon had gone. [solution]

How to make a wiki work: PALDAP

January 14, 2011 / Rowan Rodrik

The first ever wiki I started was www.paldap.org. PALDAP stands for “PALDAP: A Lazy Directory Administrator’s Pal”. Yes, that’s a recursive acronym. Cute, ainnit? I actually registered the domain because it was the name of a crappy abandonware PHP LDAP administration tool that I wrote in PHP, but decided instead to configure it as a wiki to host some of my assorted experiences with LDAP and OpenLDAP in particular.

I never much bother with LDAP anymore, but the wiki remains because cool URLs don’t change and it doesn’t cost me that much. AdSense income for the wiki is only marginal (€15 in over three years) because the wiki’s content is only marginally useful and the traffic (300 visitors/month) reflects that fact.

[…]

Six days passed since I wrote the last paragraph. It’s a funny thing how writing can mess with your head. I was going to use PALDAP as in introduction to my struggle to make money of my wikis in general. Because the most promising of these wikis are my Hardwood Wikis and not my LDAP wiki, I wasn’t going to linger too much on it. But it’s a week later and some unexpected things happened.

Often, since becoming more familiar with Semantic MediaWiki, I’ve been considering the idea of converting the DokuWiki installation that runs www.paldap.org to a Semantic MediaWiki installation. Yet, nothing ever happened. I no longer work with LDAP professionally and most of the time I just kind of forgot that the site even existed. Until a week ago, when I started writing this post.

So, what happened? How do decisions happen? I have no idea. I’m not a neurologist. (I’m not even a ~~sceintist~~; Hell, I can’t even spell “scientist”.)

What I have now are rationalizations for my decision but my decision is quite clear: I can’t kill my darling, even though I never really properly cared for it. For the last four years or so I had simply abandoned it on the grounds that it wasn’t costing me much anyway (it’s hosted at NearlyFreeSpeech.Net). Yes, the costs have gone up, but that’s just a rationalization. I could have just gone on and ignore the site’s existence without it ever making much of an impact on my cash flow. (I did some years ago actually promise the site’s most active contributer to never take the site off-line.)

So, if I was being rational, I would have just left the site alone. But, I’m not a rational being. Increasingly less so, in fact. A happy fact, if you ask me.

The PALDAP logo designed by Jeroen Dekker

The looks

Anyway, I still haven’t told you what happened last week. I didn’t leave the site alone. I created a development version of the site based on Semantic MediaWiki. It’s fucking kick-ass. It looks awesome thanks to MediaWiki’s new vector skin. But it looks even more awesome thanks to Jeroen Dekker. As we often do, we were hanging out at his place in a lazy haze, being generally unproductive but with random bursts of intelligent conversation and productivity. This day I had been absent-mindedly hacking away on my new MediaWiki darling and I was about to leave and jump on my bicycle when I mentioned that I could use a logo for PALDAP.

It was probably way past one in the morning already, but Jeroen was still in a creative mood from play-practicing with his new lighting set. All I can say about his creativity is that it was late, I hadn’t slept very long the night before (and the night before that and the night before and…) Let’s just say that he besides his excellent gear he didn’t have some very good material to work with. I was feeling ugly and tired. Yet…

Jeroen's creative genius is a compliment to my awesome facial features 🙂

He went into a kind of frenzy on his big-ass touch-screen and being coaxed by me he created the perfect offset for the boring technical subject that is LDAP.

The brains

In the meantime, since last weekend, I’ve been starting to assemble a logical structure of semantic properties (think of LDAP attributes or SQL fields) and templates (sort of like MediaWiki functions) that’ll allow me to capture all the semantics related to the LDAP and the ecology around it.

The booty

I still don’t believe that PALDAP has a huge revenue potential, but hosting costs have increased and if I can get the website to awaken from its winter sleep, maybe it’ll at least start paying for itself again. Not that I really care, honestly. Somehow it’s just masturbatorily satisfying to use the expressiveness of RDF to capture the semantics of LDAP. What I like about it is that the wiki concept (and especially the semantic wiki concept) is a very tight fit for technical documentation. Another thing that I like about working with a wiki about a technical subject is that the wiki has a technical audience. I mean, there’s a reason that the visitors of my Hardwood Investment Wikis click on all those expensive links and that reason is not the technical insight that’ll lead to users clicking the edit button and actually contributing content.

In fact, even with the old DokuWiki version of the site, much of the content was actually created by other users (most by the same user called brontolo). If the community of my Hardwood Wikis worked this well… Let’s just say that I could remain in retirement for a while then.

So, even if this’ll just be an exercise in effective community building/plumbing rather than a way to make advertising income easily, it’ll still be effective as an exercise. I’m going to follow my intuition on this one and see how successful it’ll become and how much time it’ll take.

Fuck, this post sucks, but it sure does help me. Don’t ask me how, but it does. Kinda.

Finding junction files in Windows 7 and exclude them with DeltaCopy

January 10, 2011 / halfgaar

Windows 7 has a sort of hard link, a junction file, which it uses to link the old location “Documents and Settings” to /Users/. Because of all this junctioning, you can’t just copy files with a Cygwin program like Deltacopy, because it will hang in infinite loop and copy a whole lot of things twice.

To identify junction files, run:

dir /AL /s

Here is an example exclude list for deltacopy for a standard windows 7 machine. Path names are specified assuming every user dir is supplied as separate dir to copy (because there are references to root, like ‘/Mijn documenten’:

--delete-excluded --exclude "/Application Data" --exclude "**/Downloads" --exclude "**/AppData/Local/Application Data" --exclude "/Local Settings" --exclude "**/Temporary Internet Files" --exclude "**/Flash Player" --exclude "**/Temp" --exclude "**/VirtualStore" --exclude "NTUSER.DAT*" --exclude "UsrClass.dat*" --exclude "ntuser.dat*" --exclude "parent.lock" --exclude "/Mijn documenten"  --exclude "/Mijn afbeeldingen" --exclude "/Mijn muziek" --exclude "/Mijn video's"

The ‘Mijn Documenten’ and such is a link to other dirs, so it doesn’t skip them. Be sure not to use these statements when running this on Windows XP…

Bash script template

January 5, 2011 / halfgaar

#!/bin/bash
#
# Author: Wiebe Cazemier (wiebe@halfgaar.net)
#
# Template bash script, for when you need something overengineerd :)
 
# Hack prevention
PATH="/sbin:/usr/sbin:/bin:/usr/bin"
 
# Error codes
wrong_params=5
interrupted=99
default_error=1
 
# Function to echo in color. Don't supply color for normal color.
echo_color()
{
  message="$1"
  color="$2"
 
  red_begin="\033[01;31m"
  green_begin="\033[01;32m"
  yellow_begin="\033[01;33m"
  color_end="\033[00m"
 
  # Set color to normal when there is no color
  [ ! "$color" ] && color_begin="$color_end"
 
  if [ "$color" == "red" ]; then
    color_begin="$red_begin"
  fi
 
  if [ "$color" == "green" ]; then
    color_begin="$green_begin"
  fi
 
  if [ "$color" == "yellow" ]; then
    color_begin="$yellow_begin"
  fi
 
  echo -e "${color_begin}${message}${color_end}"
}
 
end()
{
  message="$1"
  exit_status="$2"
 
  if [ -z "$exit_status" ]; then
    exit_status="0"
  fi
 
  if [ ! "$exit_status" -eq "0" ]; then
    echo_color "$message" "red"
  else
    echo_color "$message" "green"
  fi
 
  if [ "$exit_status" -eq "$wrong_params" ]; then
    dohelp
  fi
 
  exit $exit_status
}
 
# Define function to call when SIGTERM is received
trap "end 'Interrupted' $interrupted" 1 2 3 15
 
dohelp()
{
  echo ""
  echo "Example script"
  echo ""
  echo "help = todo"
 
  # Exit because you don't want the script to do anything after displaying help
  exit 
}
 
 
while [ -n "$*" ]; do
  flag=$1
  value=$2
 
  case "$flag" in
    "--option1")
      option1=$value
      shift
    ;;
    "--help")
      dohelp
    ;;
    "--")
      break
    ;;
    *)
      end "unknown option $flag. Type --help" "$wrong_params"
    ;;
  esac
 
  shift
done
 
if [ -z "$option1" ]; then
  end "option1 not given" $wrong_params
fi

Bash parameter parsing

January 5, 2011 / halfgaar

Here is a code snippet I use for parameter parsing:

dohelp()
{
  "Example script"
  ""
 
  # Exit because you don't want the script to do anything after
  # displaying help, and do so with error, so that calling scripts won't think it succeeded
  1
}
 
  [ -n "$*" ];
  flag="$1"
  value="$2"
 
  "$flag"
    "--one")
      one="$value"
     
    ;;
    "--two")
      two="$value"
     
    ;;
    "--pretend")
      pretend=true
    ;;
    "--help")
      dohelp
    ;;
    "--")
     
    ;;
    *)
      -e "unknown option $flag\n"
      dohelp
    ;;

Allowing apache to set Nagios cmd file

December 28, 2010 / halfgaar

On debian, to prevent:

Error: Could not stat() command file ‘/var/lib/nagios3/rw/nagios.cmd’!

Do:

/etc/init.d/nagios3 stop
dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw
dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3
/etc/init.d/nagios3 start

source.

Effective CLI habits

December 24, 2010 / Rowan Rodrik

Just an example of some effective CLI magic that I copy/pasted into a draft ~~about~~exactly a year ago. Can you see what’s happening? I’m moving some selected files into a subdirectory.

$ ls *png
boucoule-17jaar-met-steen.png         evening_cloud.png  small-map-molenweg.png  tile11.png
boucoule-2001-2002-face5-400x300.png  hardwood-logo.png  step-01.png             tile9a.png

$ ls *png|while read f; do echo $f; done
boucoule-17jaar-met-steen.png
boucoule-2001-2002-face5-400x300.png
evening_cloud.png
hardwood-logo.png
small-map-molenweg.png
step-01.png
tile11.png
tile9a.png

$ ls *png|while read f; do svn mv $f index; done
A         index/boucoule-17jaar-met-steen.png
D         boucoule-17jaar-met-steen.png
A         index/boucoule-2001-2002-face5-400x300.png
D         boucoule-2001-2002-face5-400x300.png
A         index/evening_cloud.png
D         evening_cloud.png
A         index/hardwood-logo.png
D         hardwood-logo.png
A         index/small-map-molenweg.png
D         small-map-molenweg.png
A         index/step-01.png
D         step-01.png
A         index/tile11.png
D         tile11.png
A         index/tile9a.png
D         tile9a.png

Bonus points if you notice that I could have moved the JPEGs and PNGs in one command instead of doing the same thing for the second time for the JPEGs as below. (I probably forgot that I also had some JPEGs lying around, or there must have been some other lame excuse.)

$ ls *jpg
bruggetje-225x300.jpg  favicon.jpg  purple-rowan.jpg        rowan-2007.jpg                rowan-wilderness.jpg
bruggetje.jpg          hekje.jpg    rowan-2007-448x300.jpg  rowan-wilderness-400x300.jpg

$ ls *jpg|grep -v favi
bruggetje-225x300.jpg
bruggetje.jpg
hekje.jpg
purple-rowan.jpg
rowan-2007-448x300.jpg
rowan-2007.jpg
rowan-wilderness-400x300.jpg
rowan-wilderness.jpg

$ ls *jpg|grep -v favi|while read f; do svn mv $f index; done
A         index/bruggetje-225x300.jpg
D         bruggetje-225x300.jpg
A         index/bruggetje.jpg
D         bruggetje.jpg
A         index/hekje.jpg
D         hekje.jpg
A         index/purple-rowan.jpg
D         purple-rowan.jpg
A         index/rowan-2007-448x300.jpg
D         rowan-2007-448x300.jpg
A         index/rowan-2007.jpg
D         rowan-2007.jpg
A         index/rowan-wilderness-400x300.jpg
D         rowan-wilderness-400x300.jpg
A         index/rowan-wilderness.jpg
D         rowan-wilderness.jpg

BigSmoke